Cyberattackers increasingly target healthcare and South Africa is not immune
Ransomware attacks are on the increase globally as criminals exploit gaps in hospital software security as well as IT weaknesses.
Global hackers have escalated their attacks on hospitals, clinics, government officers and even NGOs in the last two months according to a new report published by Check Point Research.
The sector is now the most targeted industry in the world as an increase of around 22% was recorded across all industries by the end of 2020.
The report has found that the average number of attacks on health organisations and systems rose to 626 per organisation in December 2020 from around 430 in October 2020. The form of infringement includes ransomware, botnets, remote code execution, and distributed denial-of-service (DDoS) attacks.
“Ransomware attacks also increased by 33% in APAC and 36% in EMEA,” Check Point said.
Hospitals are now recording the most ransomware attacks of any sector as criminals exploit the Covid-19 pandemic in an attempt to get rich quick. So far African institutions have been spared the worst, but data security experts say once the criminals run out of option in the developed world, they will turn to the continent to make more illegal cash.
In June 2020 South Africa’s Life Health Care group hospitals were subjected to a cyberattack that forced it to shut down systems.
“External cybersecurity experts and forensic teams have been brought on board to advise and supplement our internal teams and capacity. We have alerted the relevant authorities and investigations are underway,” it said in a statement at the time. The group’s admissions systems, business processing systems and email servers were all affected.
279/n: In the last few months, several of South Africa’s leading hospitals and healthcare organizations have been hit by ransomware attacks. In June 2020, a ransomware attack hit the Life Healthcare hospital chain, which has 66 hospitals in South Africa. https://t.co/EAoKrv0D3r
— Mihoko Matsubara (@M_Miho_JPN) January 9, 2021
Central Europe topped the list of regions impacted by the increase in attacks against healthcare organizations with a 145% uptick in November, followed by East Asia (up 137%) and Latin America (up 112% increase). Europe and North America saw increases of 67% and 37% respectively.
Ransoms – to pay or not to pay
According to the report, many hospitals have paid ransoms which leads to an increase in attacks.
“The major motivation for threat actors with these attacks is financial,” the authors of the report note.
“They are looking for large amounts of money, and fast. It seems that these attacks have paid off very well for the criminals behind them over the past year, and this success has made them hungry for more.”
The report has warned that ransomware attacks against hospitals and related organizations are particularly damaging.”..because any disruption to their systems could affect their ability to deliver care, and endanger life – all this aggravated with the pressures these
systems are facing trying to cope with the global increase in COVID-19 cases. This is precisely why criminals are specifically and callously targeting the healthcare sector: because they believe hospitals are more likely to meet their ransom demands.”
Hospitals are under intense time pressure so prefer to pay the attackers to release their systems once a hacker has taken control. But safety and security experts have warned against paying ransoms including the American FBI.
“The FBI does not support paying a ransom in response to a ransomware attack,” it said in a statement.
“Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
Canada the main victim
As for specific countries, Canada experienced the most dramatic increase with over a 250% uptick followed by Germany with a 220% increase and even Spain saw a doubling in attacks.”From an upsurge in the registration of coronavirus-related malicious domains, to the use of related topics in phishing and ransomware attacks, and even fraud advertisements offering Covid vaccines for sale, we have seen an unprecedented increase in cyber-exploits seeking to compromise personal data, spread malware and steal money,” the report noted.
Staying safe – avoid email attachments
Some of the defenses against ransomware and other forms of hacking include being aware of Trojan infections which are often attachments on emails. The Trojan infection usually predates a ransomware attack and they are linked. Digital thieves have also exploit the holiday period and increase their attacks during weekends as well as a country’s public holidays. This provides them extra time to go about exploiting any gaps in digital security at hospitals and similar institutions when IT staff are usually away. The best technique is to train employees to avoid opening any attachments on emails they did not request or not from clearly attributed long-term clients.
“As many of the current cyber-attacks start with a targeted phishing email that does not even contain malware, just a socially-engineered message that encourages the user to click on a malicious link, or to supply specific details. User education to help identify these types of malicious emails is often considered one of the most important defenses an organization can deploy,” it said.
Vaccine supply chain the target
Nation state hacking has also increased with reports by IBM in December 2020 that a major global phishing campaign targeting organizations associated with a COVID-19 cold chain had been uncovered. The cold chain is a component of the vaccine supply chain that ensures the safe preservation of vaccines in temperature-controlled environments during their storage and transportation.
“Our analysis indicates that this calculated operation started in September 2020,” IBM said in a statement.
IBMs Security Intelligence group also said that health institutions world wide are now in the cross hairs of hackers.
“While ransomware attacks continue to reach all corners of the world, Asia and North America are the hardest hit so far this year. They account for 33% and 30%, respectively of ransomware engagements that IBM Security X-Force has responded to in 2020.”